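<?php
/*
+ ----------------------------------------------------------------------------+
|     e107 website system
|
|     Copyright (C) 2001-2002 Steve Dunstan (jalist@e107.org)
|     Copyright (C) 2008-2010 e107 Inc (e107.org)
|
|
|     Released under the terms and conditions of the
|     GNU General Public License (http://gnu.org).
|
|     $URL: https://e107.svn.sourceforge.net/svnroot/e107/trunk/e107_0.7/rate.php $
|     $Revision: 11678 $
|     $Id: rate.php 11678 2010-08-22 00:43:45Z e107coders $
|     $Author: e107coders $
+----------------------------------------------------------------------------+
*/

/*
 * Records one rating and redirects the browser back to the page it came from.
 *
 * The query string carries four fields separated by "^":
 *     table ^ item id ^ return URL ^ rating (1-10)
 *
 * Every field is attacker-controlled, so all of them are validated before the
 * first database call. A request that fails validation is sent to index.php
 * and nothing is written.
 *
 * NOTE(review): this is a state-changing GET request and no anti-CSRF token is
 * checked in this file, so a third-party page could cast a vote on behalf of a
 * logged-in visitor. Fixing that needs a token added by the code that builds
 * the rating links, which is outside this file.
 */

require_once ("class2.php");

$qs = explode("^", e_QUERY);

// All four fields must be present, the table name must be non-empty and the
// visitor must pass the USER check. The rating must consist of digits only, so
// values such as "5abc" are rejected instead of being silently truncated.
if (count($qs) < 4 || !$qs[0] || USER == FALSE || !preg_match('/^[0-9]+$/D', $qs[3]))
{
	header("location:".e_BASE."index.php");
	exit;
}

$rate = intval($qs[3]);

// The return URL ends up in a Location header, so it must stay on this site.
// Rejecting "://" alone is not enough: "//host/path" is protocol-relative,
// browsers treat "\" like "/", and "scheme:path" is absolute without slashes.
$return_raw = $qs[2];
$return_scheme = substr($return_raw, 0, strcspn($return_raw, "/?#"));
$bad_return = strpos($return_raw, '://') !== false
	|| preg_match('/[\x00-\x1f\x7f\\\\]/', $return_raw)   // control characters (incl. CR/LF) or backslash
	|| strpos(ltrim($return_raw), '//') === 0              // protocol-relative URL
	|| strpos($return_scheme, ':') !== false;              // a scheme before the first "/", "?" or "#"

if ($rate > 10 || $rate < 1 || $bad_return)
{
	header("location:".e_BASE."index.php");
	exit;
}

// NOTE(review): $table is interpolated into quoted SQL below and relies on
// toDB() for escaping - confirm that toDB() escapes quotes for this context.
$table = $tp -> toDB($qs[0]);
$itemid = intval($qs[1]);
// NOTE(review): toDB() is a database-input filter; it is kept here so the
// redirect target is unchanged, but confirm it is appropriate for a header.
$returnurl = $tp -> toDB($return_raw);

if ($sql -> db_Select("rate", "*", "rate_table='{$table}' AND rate_itemid='{$itemid}'"))
{
	$row = $sql -> db_Fetch();
	// rate_voters is a dot-delimited list of user ids, e.g. ".3.17."
	if(strpos($row['rate_voters'], ".".USERID.".") === FALSE)
	{
		// NOTE(review): read-modify-write - two concurrent requests can both
		// pass the voter check above and one update can overwrite the other.
		$rate_voters = $row['rate_voters'].".".USERID.".";
		$new_rating = $row['rate_rating']+$rate;
		$sql -> db_Update("rate", "rate_votes=rate_votes+1, rate_rating='{$new_rating}', rate_voters='{$rate_voters}' WHERE rate_id='{$row['rate_id']}' ");
	}
	else
	{
		// This user id is already in the voter list: do not count a second vote.
		header("location:".e_BASE."index.php");
		exit;
	}
}
else
{
	// First rating for this table/item pair: create the row with one vote.
	$sql->db_Insert("rate", " 0, '{$table}', '{$itemid}', '{$rate}', '1', '.".USERID.".' ");
}

header("location:".$returnurl);
exit;

?>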